126d275c3d72e98febb4b61409be0b15_JaffaCakes118 | Triage

Sharing

General

Target

126d275c3d72e98febb4b61409be0b15_JaffaCakes118
Size

92KB
MD5

126d275c3d72e98febb4b61409be0b15
SHA1

0e076a3cdda47db767c543a231d8ed1f6e01a3ee
SHA256

76218ecbb3c0a085a63792594246a3a280c8178c8d0252015eec0ea2edc469c2
SHA512

440e73a40633389820a65809bb490ce7757b59ae97459759bf5ffb5c979ec89e33f4dae75fc789806eee30660a4c48f09d1fd65e4debde65aaac7fe44363cd79
SSDEEP

1536:AXWzXcKQHz+g9bzwK9dheIE8BigF1jBmC:AGXhwCg9vwK9KIE8pBmC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
126d275c3d72e98febb4b61409be0b15_JaffaCakes118

Files

126d275c3d72e98febb4b61409be0b15_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c389893d13391186ccbfc11ad8fc9eb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
SuspendThread
GetCurrentThread
ExitProcess

user32

SetWindowTextA

advapi32

RegQueryValueExA

shell32

ShellExecuteA

directx

?DX_createDx6Control@@YAPAUDxControl@@PAUDxSetup@@@Z

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zylms
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zylmi
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE